Mailinglist Archive: opensuse (4749 mails)
| < Previous | Next > |
Re: [SLE] portmap, and another ...
- From: zentara <zentara@xxxxxxxxxxx>
- Date: Tue, 27 May 2003 13:43:41 -0400
- Message-id: <20030527134341.4c38914b.zentara@xxxxxxxxxxx>
On Tue, 27 May 2003 11:07:12 -0500
John <yonaton@xxxxxxx> wrote:
> Next quicky question...when I did a nanoprobe test of all services ports
><http://nanoprobe.grc.com/>, I have port 113 'closed' instead of 'stealth'.
>Okay, this one I'll need to ask the tech guys at my ISP if I can actually
>stealth this, am I correct? Since it's the ident port? All other ports were
>'stealth', but I also failed the ping test (icmp echo). Is there a way to
>make it so that my machine doesn't answer 'pings'? This is just a plain ol'
>everyday machine, not running anything special, I use it for mail, surfin',
>and not a whole lot else.
>
> Steve talked about how ZoneAlarm "adaptively stealths" port 113, is there
>some way to get SuSEFirewall2 to do this also?
Read the /sbin/SuSEfirewall2 script and search for 113. Yyou can stealth
it if you want. I have, and don't have problems with my isp, other than alot
of 113 packets dropped in my firewall logs.
Be prepared for posts telling you not to do it though. :-)
--
use Perl; #powerful programmable prestidigitation
John <yonaton@xxxxxxx> wrote:
> Next quicky question...when I did a nanoprobe test of all services ports
><http://nanoprobe.grc.com/>, I have port 113 'closed' instead of 'stealth'.
>Okay, this one I'll need to ask the tech guys at my ISP if I can actually
>stealth this, am I correct? Since it's the ident port? All other ports were
>'stealth', but I also failed the ping test (icmp echo). Is there a way to
>make it so that my machine doesn't answer 'pings'? This is just a plain ol'
>everyday machine, not running anything special, I use it for mail, surfin',
>and not a whole lot else.
>
> Steve talked about how ZoneAlarm "adaptively stealths" port 113, is there
>some way to get SuSEFirewall2 to do this also?
Read the /sbin/SuSEfirewall2 script and search for 113. Yyou can stealth
it if you want. I have, and don't have problems with my isp, other than alot
of 113 packets dropped in my firewall logs.
Be prepared for posts telling you not to do it though. :-)
--
use Perl; #powerful programmable prestidigitation
| < Previous | Next > |